Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-evnx-jash-vyht

Summary

2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices. 





2N has currently released an updated version 3.3 of 2N Access Commander, with added Certificate Fingerprint Verification. Since version 2.2 of 2N Access Commander (released in February 2022) it is also possible to enforce TLS certificate validation.It is recommended that all customers update 2N Access Commander to the latest version and use one of two mentioned practices.

Aliases

alias	CVE-2024-47258

Fixed_packages

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-47258

reference_id

reference_type

scores

value	0.00051
scoring_system	epss
scoring_elements	0.16424
published_at	2026-06-11T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.16567
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-47258

reference_url

https://www.2n.com/en-GB/download/cve_2024_47258_acom_3_3_v1pdf

reference_id

cve_2024_47258_acom_3_3_v1pdf

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-03T15:32:08Z/

url

https://www.2n.com/en-GB/download/cve_2024_47258_acom_3_3_v1pdf

Weaknesses

cwe_id	295
name	Improper Certificate Validation
description	The product does not validate, or incorrectly validates, a certificate.

Exploits

Severity_range_score 8.1 - 8.1

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-evnx-jash-vyht

Vulnerability Instance